Date: Fri, 24 Nov 2017 12:53:48 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 223835] BGP session not established with md5 password via FRRouting Message-ID: <bug-223835-8-gPbhmoSQG5@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-223835-8@https.bugs.freebsd.org/bugzilla/> References: <bug-223835-8@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D223835 --- Comment #6 from Andrey V. Elsukov <ae@FreeBSD.org> --- (In reply to Alexey from comment #4) > (In reply to Andrey V. Elsukov from comment #3) > [root@gate /home/pautina]# netstat -sp tcp | grep sig > 0 packets with matching signature received > 5261 packets with bad signature received This means that socket is configured to receive and send TCP MD5 signatures, but TCP segments has wrong signatures. You need to make sure that used pass= word is correct.=20 > 5579 times failed to make signature due to no SA This means that outbound or inbound TCP segments have been failed to find corresponding SA for given addresses and ports. > 0 times unexpected signature received > 2 times no signature provided by segment >=20 > what are you mean about addresses daemon, what the daemon, frr, bgpd? >=20 > Maybe this? > frr bgpd 41894 5 tcp6 *:179 *:* > frr bgpd 41894 6 tcp4 *:179 *:* > frr bgpd 41894 7 tcp6 *:2605 *:* > frr bgpd 41894 8 tcp4 *:2605 *:* I would check the output of tcpdump for given TCP connections. Addresses in packets dump should match to addresses used in SAs. You also can use -M fla= g to specify used password and see that it is correct. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-223835-8-gPbhmoSQG5>